Eko security overview

Here you’ll find information about Eko’s infrastructure and security.

Security and HIPAA

Data security is one of our highest priorities. Eko maintains HIPAA compliant policies, procedures, and technical safeguards for patient and customer data.

Policies and procedures

Eko maintains industry recommended HIPAA-compliant policies and procedures for securing patient data.


Eko uses HIPAA-compliant and NIST recommended 256-bit AES encryption using managed keys for patient data. Encrypted backups are taken daily.


We conduct nightly backups and regularly test our backups to ensure data recoverability.

BAA agreements

Eko maintains BAA agreements with subcontractors and our hosting providers to ensure HIPAA compliance.

Secure facilities (SOC 2)

Eko is Service Organization Control 2 (SOC 2 Type 2) certified to keep health system and patient data safe.

Contact us

To report security issues or concerns, please contact: security@ekohealth.com.

LBL380 Rev.A

Date of Issue August 31, 2022

Was this article helpful?

Related articles